+<?php
+ require 'include/head.inc';
+ require 'include/db.inc';
+ require 'include/common.inc';
+
+ if(isset($_POST['submit']) && $_POST['mnumber']!="") {
+ $mnumber = trim($_POST['mnumber']);
+
+ if( ! is_numeric($mnumber) ) {
+ block("red", "Mat.nummer has to be numeric!");
+ }
+ else {
+ if($db->query("SELECT COUNT(*) FROM students WHERE mnumber = $mnumber")->fetch(PDO::FETCH_NUM)[0] == 0) {
+ print '<table bgcolor="red">';
+ print '<tr><th><b><font color="white">Mat.nummer not found</font></b></th><tr>';
+ print '</table>';
+ }
+ else {
+ $userinfo = $db->query("SELECT firstname,lastname,email,password FROM students WHERE mnumber=$mnumber")->fetch(PDO::FETCH_NUM);
+
+ // send password-email //
+ $nachricht = "Hello $userinfo[0]($mnumber)!\nThis is a password-recovery mail for the exercise " . $PREFS['exname'] . " (" . $PREFS['groupname'] . ").\nYour forgotten password is: $userinfo[3]\n\nYours,\nBanana.";
+ $header = 'From: banana@treefish.org' . "\r\n" .
+ 'Reply-To: noreply@treefish.org' . "\r\n" .
+ 'X-Mailer: PHP/' . phpversion();
+ mail($userinfo[2], "Banana password-recovery: " . $PREFS['exname'] . " (" . $PREFS['groupname'] . ")", $nachricht, $header);
+
+ print "<table bgcolor=\"lightgreen\">";
+ print "<tr><th><b><font color=\"white\">sent password to your email-address</font></b></th><tr>";
+ print "</table>";
+ }
+ }
+ }
+?>
+
+<form method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>">
+ <table bgcolor="black">
+ <tr><th><b><font color="white">Password recovery</font></b></th><tr>
+ </table>
+
+ <table>
+ <tr>
+ <th align="left">Mat.nummer:</th> <th align="left"><input type="text" name="mnumber"></th>
+ </tr>
+ <tr><th colspan=2></th></tr>
+
+ <tr>
+ <th align="left"><input type="submit" name="submit" value="Recover password"></th> <th></th>
+ </tr>
+ </table>
+</form>